<?php

require 'vars.php';
require 'functs.php';

Authenticate();

require 'config.mysql.php';

$link = MySQL_go($mysql_server,$mysql_user,$mysql_pass);
MySQL_set_db($link,$mysql_db);


if ($_GET[confirm] == '1') {

	$del = mysql_real_escape_string($_GET[del]);
	$user = mysql_real_escape_string($_SESSION[user]);

	$sendstring = "SELECT `user` FROM `featherchat_messages` WHERE `msgid` = '".$del."'";
	$result = mysql_query($sendstring);
	$userindb = mysql_result($result,0);

	if ($_SESSION[user] == $userindb) {
		header("Location: index.php#bot");
		$sendstring = "DELETE FROM `featherchat_messages` WHERE `user` = '".$user."' AND `msgid` = ".$del." LIMIT 1";
		$result = mysql_query($sendstring) or die ("Unable to delete message.");
	}
	else { 
		echo "Nice try...";
	}
}

else {
	Page_startup($title,$version);

	$msgid = mysql_real_escape_string($_GET[del]);

	$messagesql = "SELECT `message` FROM `featherchat_messages` WHERE `msgid` = '".$msgid."'";
	$result = mysql_query($messagesql);
	$post = mysql_result($result,0);

	?><div>You are deleting the post: "<?php

	if (strlen($post) > 19) { // Printing really long posts is a waste of data.
		echo substr($post,0,20)."...";
	} else { echo $post; } 

	?>"<br /><br />
	<form method="get" action="delete.php"><input type="submit" value="Delete" /><input type="hidden" name="del" value="<?php echo $_GET[del]; ?>" />
	<input type="hidden" name="confirm" value="1" /> | <a href="index.php">Cancel</a></form></div><?php

	Page_shutdown();
}

MySQL_halt($link);

?>